To start scanning emails using Aware by Securly you would need to create a new journal rule in Exchange that would forward emails to the Aware engine.
Before you begin the setup please ensure that you have an Exchange Online license. with at least an E5 or A3 tenancy. It is not possible to set up journaling rules if you have a free tenancy.
To set up Aware:
- Login to https://admin.microsoft.com with your Admin credentials.
- Navigate to Microsoft Purview view & then scroll down to Data Lifecycle management > Exchange (legacy)
- Select the Journal rules tab and then click New Rule.
- Depending upon your regional cluster use one of the following email IDs in the ‘Send journal reports to’ field. The email ID for your regional cluster will also be displayed to you on the setup screen.
US East: auditor@use-smtp.auditor.securly.com
US West: auditor@usw-smtp.auditor.securly.com
EU West: auditor@euw-smtp.auditor.securly.com
Canada: auditor@ca-smtp.auditor.securly.com
US East2: auditor@use2-smtp.auditor.securly.com
APSE: auditor@apse-smtp.auditor.securly.com
UK: auditor@uk-smtp.auditor.securly.com
- Input a unique name for your new journal rule in the ‘Name’ field.
-
Select ‘Everyone’ for the 'Journal messages sent or received from' field.
7a. Optional: If you'd prefer to not scan all users email, you can specify a group to journal messages from. Please note, you will need to have a previously created a mail enabled security group if you are doing step 7a. - Select ‘All messages’ for the 'Type of message to journal’ field.
- Click Save.
This completes the technical aspect of the Aware setup in Office 365.
As a final step, a test email with disturbing content will be sent to a test email ID you provide. This test email will be displayed on your Aware activities feed indicating that Aware has been installed successfully and monitoring for flagged activity has started.
Note that Org. unit or Security group configurations do not impact the scanning of emails or alerts by Aware. Org. unit and Security group configurations are considered only for Google Drive scanning. Emails will be scanned and alerted upon irrespective of whether any Org. units or Security groups are configured.
Comments
Article is closed for comments.